diff options
Diffstat (limited to 'jetty-security/src/main/java/org/eclipse')
| -rw-r--r-- | jetty-security/src/main/java/org/eclipse/jetty/security/JDBCLoginService.java | 45 | ||||
| -rw-r--r-- | jetty-security/src/main/java/org/eclipse/jetty/security/SecurityHandler.java | 4 |
2 files changed, 28 insertions, 21 deletions
diff --git a/jetty-security/src/main/java/org/eclipse/jetty/security/JDBCLoginService.java b/jetty-security/src/main/java/org/eclipse/jetty/security/JDBCLoginService.java index 58db6e4727..5373161801 100644 --- a/jetty-security/src/main/java/org/eclipse/jetty/security/JDBCLoginService.java +++ b/jetty-security/src/main/java/org/eclipse/jetty/security/JDBCLoginService.java @@ -19,6 +19,7 @@ package org.eclipse.jetty.security; import java.io.IOException; +import java.io.InputStream; import java.sql.Connection; import java.sql.DriverManager; import java.sql.PreparedStatement; @@ -116,8 +117,10 @@ public class JDBCLoginService extends MappedLoginService { Properties properties = new Properties(); Resource resource = Resource.newResource(_config); - properties.load(resource.getInputStream()); - + try (InputStream in = resource.getInputStream()) + { + properties.load(in); + } _jdbcDriver = properties.getProperty("jdbcdriver"); _url = properties.getProperty("url"); _userName = properties.getProperty("username"); @@ -238,25 +241,29 @@ public class JDBCLoginService extends MappedLoginService if (null == _con) throw new SQLException("Can't connect to database"); - PreparedStatement stat = _con.prepareStatement(_userSql); - stat.setObject(1, username); - ResultSet rs = stat.executeQuery(); - - if (rs.next()) + try (PreparedStatement stat1 = _con.prepareStatement(_userSql)) { - int key = rs.getInt(_userTableKey); - String credentials = rs.getString(_userTablePasswordField); - stat.close(); - - stat = _con.prepareStatement(_roleSql); - stat.setInt(1, key); - rs = stat.executeQuery(); - List<String> roles = new ArrayList<String>(); - while (rs.next()) - roles.add(rs.getString(_roleTableRoleField)); + stat1.setObject(1, username); + try (ResultSet rs1 = stat1.executeQuery()) + { + if (rs1.next()) + { + int key = rs1.getInt(_userTableKey); + String credentials = rs1.getString(_userTablePasswordField); + List<String> roles = new ArrayList<String>(); - stat.close(); - return putUser(username, Credential.getCredential(credentials),roles.toArray(new String[roles.size()])); + try (PreparedStatement stat2 = _con.prepareStatement(_roleSql)) + { + stat2.setInt(1, key); + try (ResultSet rs2 = stat2.executeQuery()) + { + while (rs2.next()) + roles.add(rs2.getString(_roleTableRoleField)); + } + } + return putUser(username, Credential.getCredential(credentials),roles.toArray(new String[roles.size()])); + } + } } } catch (SQLException e) diff --git a/jetty-security/src/main/java/org/eclipse/jetty/security/SecurityHandler.java b/jetty-security/src/main/java/org/eclipse/jetty/security/SecurityHandler.java index edb5f9156d..df8a4eb12c 100644 --- a/jetty-security/src/main/java/org/eclipse/jetty/security/SecurityHandler.java +++ b/jetty-security/src/main/java/org/eclipse/jetty/security/SecurityHandler.java @@ -650,7 +650,7 @@ public abstract class SecurityHandler extends HandlerWrapper implements Authenti /* ------------------------------------------------------------ */ /* ------------------------------------------------------------ */ - public static Principal __NO_USER = new Principal() + public static final Principal __NO_USER = new Principal() { public String getName() { @@ -674,7 +674,7 @@ public abstract class SecurityHandler extends HandlerWrapper implements Authenti * FormAuthenticator to allow access to logon and error pages within an * authenticated URI tree. */ - public static Principal __NOBODY = new Principal() + public static final Principal __NOBODY = new Principal() { public String getName() { |